Information technology experts have been dealing with malware for years now. First, worms, then viruses, then ransomware. Malware re-invented itself as the internet expanded and hackers found new ways to make money through criminal enterprises on the net. That was then; this is now: get ready for the rise of the thingbots.
The Internet of Things
Last year, the internet was awash with stories about the rise of the Internet of Things (IOT). In the new digital world all our smart devices would be able to talk to each other and connect to the smart grid. Our toasters, coffeemakers, baby monitors and our internet-connected cars will communicate with each other and with our smart houses to make our lives so much simpler, organized and automated. The IOT would learn our preferences and our habits and adjust programming based on what they learn about our wants and needs. Some experts estimate that by 2020, a mere four years from now, between 25-50 billion devices will connect to the Internet and, potentially, to each other.
When that happens, IOT will not only take in data about our lives but will send data to other external machines. For example, the smart refrigerator not only keeps tabs on the food in your refrigerator and knows when you need to order particular items. It can send the list of foods you need to order to your smart phone, and then externally to the shopping delivery network that you use.
How do botnets form?
Botnets form when malware takes command over large numbers of computers (the term “bots”, derived from robots) and organizes them into systems (nets). A botnet, then, is a system of computers infected by malware. Botnets are the reason we have most of the hacking, spamming, and malware that we face each year.
As a rule, most of us haven’t worried too much about botnets attacking our computers. They seemed to mostly target the data of Fortune 500 companies or cause denial of service issues. When you hear the numbers of computers infected and controlled by botnets, however, the scale is nothing short of amazing. Just as an example, hackers created one botnet called ZeroAccess. At its height, this botnet reportedly controlled 1.9 million computers around the world in its efforts to commit cyber crimes.
Botnets are a threat to both businesses and personal users. We all use smart devices now. We bring our smart phones, notebooks and tablets to work. Any infection in the business network will spread easily to your personal devices. Similarly, an infected personal device linking to the business network can spread the infection to the network.
Of course, corporate networks usually have more sophisticated anti-malware protections and cyber-security systems than we do at home simply because they have more secret and proprietary information that hackers want to steal. Since there are various types of malware, though, any computer user is at risk. Some botnets send spam, some collect credentials or steal intellectual property, and still others send internet users to malicious websites. Once individual devices are voluntarily connected to each other, who knows what evil hackers will accomplish on a worldwide scale.
So, What are Thingbots?
Thingbots are botnets made of infected devices from the internet of things. Controlled by the owner of the botnet, they have the same capacity for malicious activities as traditional botnet malware.
Wireless routers and modems are the most likely targets for thingbots because they are directly connected to the internet. As our home appliances and workplace machines become fully automated, cyber-security will need to protect data at each segment of connection. The more data points connect, the more companies will need to employ security checkpoints.
To read more about thingbots, read the October 2014 article “Botnet malware: What it is and how to fight it,” on welivesecurity.com.
To talk more about botnets, thingbots, and what it means for your cyber-security, please contact us. We want to help your business stay cyber-secure.